The Nemertes Security Maturity Model

  • ID: 3927083
  • Report
  • Region: Global
  • 25 Pages
  • Nemertes Research
1 of 3
Is Your Organization Structured and Funded in a Way That Leads to Proven Success?

How solid a job is a cybersecurity organization doing? There’s no easy answer to that question. Not experiencing a breach that lands the organization on the front page of the Wall St. Journal is a good start, but it’s not an ideal metric. Maybe there’s a breach hasn’t yet been discovered; maybe the enterprise isn’t quite as juicy a target as its top competitor. In other words, what may look like a successful (or unsuccessful) security organization is often just a matter of luck.

A better approach to assessing the quality of one’s cybersecurity organization is the concept of maturity. Is your organization structured and funded in a way that leads to proven success? Are you deploying technologies that lead to successful cybersecurity? Are you investing in the right areas? And above all, how do you determine the “right” answer to these questions?

To assist in all of the above, Nemertes Research have developed a Security Maturity Model based on decades of experience and intensive research. Our maturity model includes four levels: Unprepared, reactive, proactive, and anticipatory. Across each salient dimension - budgeting and procurement, organization, planning, and technology - we mapped the benchmark participants into those four levels. We determined which characteristics align with each level in each dimension.

The result is a model that enterprise organizations can use to assess their security maturity, and more importantly, to determine what steps to take to improve that maturity.

Note: Product cover images may vary from those shown
2 of 3
1. Table Of Figures

2. Executive Summary

3. The Issue: Rating The Effectiveness Of An Infosec Organization

4. The Nemertes Security Maturity Model

5. Level 0: Unprepared

6. Level 1: Reactive

7. Level 2: Proactive

8. Level 3: Anticipatory

9. Maturity Model Elements

10. Budgeting And Investment

11. Procurement Strategy

12. Big Rock 10 Best-In-Breed

13. Ecosystem

14. Custom

15. Organization

16. Technology Planning Maturity: Security Architecture

17. Technology Planning Maturity: Security Roadmap 15 Interaction With Business

18. Bellwether Technologies (And Why They Matter)

19. What Is A “Bellwether Technology”?

20. Information Security Bellwether Technologies

21. The Definition Of “Success”

22. Conclusion And Recommendations

23. Appendix: Methodology

24. Company Size: Revenue

25. Company Size: Employees

26. Participants: By Industry

27. Participants: By Title

28. Participants: By It Culture
Note: Product cover images may vary from those shown
3 of 3


4 of 3
Note: Product cover images may vary from those shown